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Abstract 

The classical division algorithm for polynomials requires 0(n 2 ) operations for inputs 
of size n. Using reversal technique and Newton iteration, it can be improved to 0(M(n)), 
where M is a multiplication time. But the method requires that the degree of the modulo, 
x l , should be the power of 2. If I is not a power of 2 and /(O) = 1, Gathen and Gerhard 
suggest to compute the inverse, modulo x'"'/ 2 '"' , a;^/2 r 1 ] ; . . . j ^TV 2 ! ; x l , separately. 

But they did not specify the iterative step. In this note, we show that the original Newton 
iteration formula can be directly used to compute / _1 mod x l without any additional cost, 
when I is not a power of 2. 
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1 Introduction 

Polynomials over a field form a Euclidean domain. This means that for all a, b with 6^0 
there exist unique q, r such that a = qb+r where degr <deg6. The division problem is then to 
find q, r, given a, b. The classical division algorithm for polynomials requires 0(n 2 ) operations 
for inputs of size n. Using reversal technique and Newton iteration, it can be improved to 
0(M(n)), where M is a multiplication time. But the method requires that the degree of x l 
should be the power of 2. If I is not a power of 2 and /(0) = 1, Gathen and Gerhard [I] 
suggest to compute the inverse, modulo x^ l / 2r \x^ l / 2r X \ ■ ■ ■ ,x^ l / 2 \x l , separately. But 
they did not specify the iterative step. In this note, we show that the original Newton iteration 
formula can be directly used to compute / _1 modx' without any additional cost, when I is 
not a power of 2. We also correct an error in the cost analysis pp. 

2 Division algorithm for polynomials using Newton iteration 

The description comes from Ref. [1]. 
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Let D be a ring (commutative, with 1) and a, b € D[x] two polynomials of degree n and 
m, respectively. We assume that m < n and that b is monic. We wish to find polynomials 
q and r in D[x] satisfying a = qb + r with degr <deg& (where, as usual, we assume that the 
zero polynomial has degree — oo). Since b is monic, such q,r exist uniquely 

Substituting \ jx for the variable x and multiplying by x n , we obtain 




We define the reversal of a as revfc(a) = x k a(l/x). When k = n, this is the polynomial with 
the coefficients of a reversed, that is, if a = a n x n + a n _ix ra ~ 1 + • • • + a\x + ao, then 

rev(a) = rev n (a) = oqx 11 + aix n_1 + • • • + a n -\x + ao 

Equation (1) now reads 

rev n (a) = rev n _ m (<?) • rev m (6) + x n_m+1 rev m _i(r), 

and therefore, 

rev n (a) = iev n - m (q) ■ rev m (6) modx n_m+1 . 

Notice that rev m (6) has constant coefficient 1 and thus is invertible modulo x n ~ m+1 . Hence 
we find 

rev n _ m (g) = rev n (a) • rev m (6)~ 1 modx n_m+1 , 

and obtain q = rev ra _ m (rev ra _ m (g)) and r = a — qb. 

So now we have to solve the problem of finding, from a given / <G D[x] and / € N with 
/(0) = 1, age D[x] satisfying fg = lmodx'. If / is a power of 2, then we can easily obtain 
the inversion by the following iteration step 

g i+ i = 2 9i - fgf 

In fact, if fgi = 1 mod/, then x T \ 1 - fg h x T+1 \ (1 - fgif. Hence, x T+L \ 1 - f{2g, t - fgf). 
Using the above iteration method, we have the following result: 

Theorem 1. Let D be a ring (commutative, with 1), f,go,gi,---,€ D[x\, with /(0) = 
1, go = 1, and Oj+i = 2g, L — fgf modx 2l+1 , for all i. Then fg-i = 1 modx 21 for all i > 0. 

By Theorem 1 , we now obtain the following algorithm to compute the inverse of / mod x l . 
We denote by log the binary logarithm. 
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Algorithm 1: Inversion using Newton iteration 



Input: / G D[x] with /(0) = 1, and I G N. 
Output: g G D[x] satisfying fg = lmodx z . 

1. g -G- l,r G- [log/] 

2. for i = 1, • • • ,r do & G- (2^.1 - /flf.^) rema; 2 ' 

3. Return g r 

From the algorithm 1, one can easily obtain the following. 

Algorithm 2: Fast division with remainder 
Input: a, b G D[x], where D is a ring (commutative, with 1) and b ^ is monic. 
Output: g, r G -Dfx] such that a = qb + r and degr < degft. 

1. if dega < deg& then return q = and r = a 

2. m <— dega — deg6 

call Algorithm 1 to compute the inverse of rev^ e g ^(6) G D[x] modulo x mJ[ 

3. q* G- rev dega (a) • rev degfe (6) _1 remx m+1 

4. return q = rev m (g*) and r = a — bq 



3 On the form of / 

The authors jl] stress that " if I is not a power of 2, then the above algorithm computes too 
many coefficients of the inverse." They suggest to compute the inverse modulo x^/ 2 ^ , x^/ 2r ^ , • • • , 
x^/ 2 \x l . For example, suppose / = 11, then x^ 11 / 2 ^ = x, x^ 11 / 2 ^ = x 2 , x^ 11 / 22 ! = x 3 , 
x \ll/2\ = j n cas6) one nas t Q compute / _1 modulo x, x 2 , x 3 , x 6 , x 11 . It should 

be stressed that the authors did not specify the iterative step. More serious, the sequence 
1, 2, 3, 6, 11 does not form an addition chain [2j. Given a chain {a,} and /, we can define the 
following iterative step 

9a k = 9a, + 9a, ~ fga^a, mod X afc , ifo fc = + dj 

In fact, the suggestion is somewhat misleading. If I is not a power of 2, the original 
algorithm 1 can be used to compute the inverse modulo x l without any additional cost. It 
suffices to observe the following fact. 

Fact 1. IfO<l<t and x* | 1 — fg, then x l | 1 — fg. 
The above fact is directly based on the divisibility characteristic. Based on the fact, we obtain 
the following algorithm. 
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Algorithm 3: Inversion using divisibility characteristic 
Input: / € D[x] with /(0) = 1, and I E N. 
Output: g G satisfying = lmodi'. 

1. 50 <- l,r <r- \logl] 

2. for i = l,-- ,r - 1 do gi <- g^i • (2 - / • remx 2 ' 

3. # r <- # r _i • (2 - / • 5t r _i) remx' 

4. Return g r 

Correctness. It suffices to observe that / < 2 r where r = [log l~\ . Hence x l \ x 2r . Since 
x 2T 1 1 — /(2<7 r _i — fg 2 _i), we have a; 1 1 — /(2p r _i — fg 2 _i). That means g r is the inverse of 
/ modulo too. 

4 On the cost analysis 

To make a sound cost analysis, we need the following definition of multiplication time and its 
properties. 

Definition 1. Let R be a ring (commutative, with 1). We call a function M : A r > o — > -R>o 
a multiplication time for R[x] if polynomials in R[x] of degree less than n can be multiplied us- 
ing at most M{n) operations in R. Similarly, a function M as above is called a multiplication 
time for Z if two integers of length n can be multiplied using at most M(n) word operations. 

For convenience, we will assume that the multiplication time satisfies 
M(n)/n > M(m)/m ifn > m, M(mn) < m 2 M(n), 
for all n,m € iV>o. The first inequality yields the superlinearity properties 

M{mn) > mM(n), M(m + n) > M{n) + M(m), andM(n) > n 
for all n, m € iV>o. 

By the above definition and properties, the authors obtained the following result pp. 

Theorem 2. Algorithm 1 correctly computes the inverse of f modulo x l . If I = 2 r is a 
power of 2, then it uses at most 3M(l) + I € 0(M(l)) arithmetic operations in D. 

Proof. In step 2, all powers of x up to 2* can be dropped, and since 

9i = 0i-l(2 - fgi) = 9i-i modi 2 ' , (2) 

also the powers of x less than 2*~ 1 . The cost for one iteration of step 2 is M(2 l_1 ) for 
the computation of gf_i, M(2 l ) for the product fgf_i modx 2 ', and then the negative of the 
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upper half of fgf_i modulo x 2 ' is the upper half of gi, taking 2 % 1 operations. Thus we have 
M{2 i ) + M(2 i ~ 1 ) + 2*" 1 < §M(2') + 2 l ~ l in step 2, and the total running time is 

J2 (~M{2 i ) + 2*- 1 ) < (-M{2 r ) + 2 r -A 2 ^ r < 3M(2 r ) + 2 r = 3M(Z) + /, (3) 

where we have used 2M(n) < M(2n) for all n G N. 

There is a typo and an error in the above proof and theorem. 

• In the above argument there is a typo (see Eq.(2)). 

• The cost for one iteration of step 2 is M(2 l ) for the computation of g\_ x instead of the 
original M(2 i ~ 1 ), because it is computed under the module x 2 \ not a; 2 ' . Since the 
upper half of /(flf_i) modulo x 2,1 is the same as gi and the lower half of gi is the same as 
gi—i, the cost for the computation of f(gf_i) modulo x 2 ' only needs M(2*~ 1 ). Therefore, 
according to the original argument the bound should be 

J2 (~M{2 i ) + 2 i -A < (~M{2 r ) + 2 r -A J2 ^ r < 3M(2 r ) + 2 r < 12M(Z) + 21, 

l<i<r ^ ' ^ ^ l<i<r 

(4) 

The last estimation comes from / < 2 r < 21. 
Now, we make a formal cost analysis of algorithm 3. 

Theorem 3. Algorithm 3 correctly computes the inverse of f modulo x l . It uses at most 
5M(/) + / G 0{M(l)) arithmetic operations in D. 

Proof. The cost for step 2 is 3M(2 r_1 ) + 2 r ~ 1 (see the above cost analysis). The cost for 
step 3 is bounded by 2M(l). Since 2 r ~ 1 < I < 2 r , the total cost is 5M(l) + I. 

5 Conclusion 

In this note, we revisit the fast division algorithm using Newton iteration. We show that 
the original Newton iterative step can be still used for any arbitrary exponent I without the 
restriction that I should be the power of 2. We also make a formal cost analysis of the method. 
We think the new presentation is helpful to grasp the method entirely and deeply. 
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